package com.ls.rbac.security;

import jakarta.annotation.Resource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;

import static org.springframework.security.config.Customizer.withDefaults;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.session.SessionInformationExpiredStrategy;
import org.springframework.web.cors.CorsConfiguration;


/**
 * created by liush on 2025/6/27
 **/
@Configuration
//@EnableMethodSecurity
public class SecurityConfig {

    @Resource
    private LoginFailureHandler loginFailureHandler;

    @Resource
    private LoginSuccessHandler loginSuccessHandler;

    @Resource
    private LogoutHandler logoutHandler;

    @Resource
    private CustomAccessDeniedHandler accessDeniedHandler;

    @Resource
    private CustomAnonymousEntryPoint customAnonymousEntryPoint;

    @Resource
    private VerifyTokenFilter verifyTokenFilter;
    @Resource
    private SessionInformationExpiredStrategy customConcurrentSessionExpiredStrategy;

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(auth ->
//                auth.requestMatchers("/login",
//                        "/logout",
//                        "/doc.html",
//                        "/webjars/**",
//                        "/v3/api-docs/**",
//                        "/favicon.ico"
//                ).permitAll().anyRequest().authenticated()
//        );
//        http.httpBasic(Customizer.withDefaults());
//        http.formLogin(form -> form.loginPage("/login").permitAll()
//                .successHandler(loginSuccessHandler)
//                .failureHandler(loginFailureHandler));
//        http.logout(logout ->
//                logout.logoutSuccessHandler(logoutHandler));
//        http.exceptionHandling(exception -> exception
//                .authenticationEntryPoint(customAnonymousEntryPoint)
//                .accessDeniedHandler( accessDeniedHandler));
//        http.cors(cors -> cors.configurationSource(request -> {
//                    CorsConfiguration conf = new CorsConfiguration();
//                    conf.setAllowCredentials(true);
//                    return conf;
//                })
//        );
//        http.addFilterBefore(verifyTokenFilter, UsernamePasswordAuthenticationFilter.class);
//        http.sessionManagement(session ->
//                session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
//        http.csrf(AbstractHttpConfigurer::disable);
        auth.anyRequest().permitAll());
        return http.build();
    }



}
